Security and Privacy

Privacy Policy

Weleda is committed to protecting your privacy. We recognize the trust you put in us when you share information on this website. This policy describes how we collect and use information from and about you collected on this site. Please be aware that this policy governs only information that is gathered online by this website and does not extend to any other means of communication connected to Weleda.

How we collect and use information

When you register on our site, you have to provide us with your email address and a password. This will allow you access to your account where you can purchase products from us, view order history, update your address book, set reminders, update your profile and communication details.

All information is sent encrypted by secure server (SSL) in order to prevent third-party access to your information while in transit to us. Once we have received the data, we maintain safeguards to protect it against unauthorized disclosure, use, alteration or destruction of the personal information you provide on the site. The site is PCI DSS Compliant to Tier 1 – which ensures unbeatable security & protection of sensitive customer information including credit cards.

You can rest assured that your personal details remain confidential and we do not share our database or pass on details to other companies.

We use the information collected from you to send you emails or other communications that we think you may be interested in.

When you first register with us you will automatically receive:

  • • Email newsletters – with details of exclusive offers
  • • Weleda Revue booklet – contains topical information, plant profiles, seasonal

If you do not wish to receive either of the above please let us know by telephoning Customer Services on 0115 944 8200 or by clicking ‘unsubscribe’ at the base of the first emailer you receive.

Cookies

A cookie is a small amount of data sent from our server and stored on your computer's hard drive.

Cookies that are Strictly Necessary for the Operation of the Site

Some of the cookies we use are essential for parts of the Site to operate and are already set. These are strictly necessary for the sale of products requested by you and without them the Site cannot operate as intended.

Cookie

Originating Page

Usage

Expiry
device First page viewed Stores the device preference. End of session
httprefer First page viewed Referral data to track sites that link to Venda. 2 days
lang All Records the user's language preference. Never
locn All Records the user's location (region) preference. Never
newCurr During currency change Records the user's currency preference so that exchange rates can be made. 1 week
quench All For managing performance. End of session
referid First page viewed Referral data to track sites that link to Venda. 2 days

RFID

Add to cart / log in

Records the user's unique user reference ID for the current session.

Never
RSI Keyword search Records the last 3 keyword searches so they appear in the "Recent Search Box", allowing the Customer to jump back to those searches quickly. 1 day
RVI Viewing products Records the products the user has recently viewed to show in the "Recently Viewed Items" box. 1 week
setCurrency During currency change Records the user's currency preference so that exchange rates can be made. 1 week
setView Product lists / search results Records the user's preference for how products are arranged on product list and search results pages. 1 week
setViewPerPage Product lists / search results Records the user's preference for the number of products to view per page. 1 week
SID First page viewed Contains information about the session. Never
    Remainder of tracking tags to completed by the Client.  

Other Uses of Cookies (Where the User has Consented to Such Use)

Where you consent to us doing so, we also use cookies and other such devices to compile anonymous, aggregated statistics that allow us to understand how users use our Site and to help us improve the structure of our Site (we cannot identify you personally in this way). We use cookies and other such devices to allow us to understand who has seen which pages and advertisements on the Site, to determine how frequently particular such pages and advertisements are visited, to determine the most popular areas of the Site and generally in order to monitor usage of the Site.

Where you consent to us doing so, we may also use cookies and other such devices to:

  • to allow you to carry information across pages of our Site and avoid having to re-enter information;
  • within registration to allow you to access stored information;
  • to help us recognise you as a unique visitor when you return to our Site and to allow us to tailor content or advertisements to match your preferred interests or to avoid showing you the same adverts repeatedly;
  • speed up searches; and/or
  • within research surveys to ensure you are not invited to complete a questionnaire too often or after you have already done so.

Cookie

Originating Page

Usage

Expiry
    Remainder of tracking tags to completed by the Client.  

Browser Settings

Most internet browsers are automatically set up to accept cookies, but you can set your browser to refuse a cookie or ask your browser to show you where a cookie has been set up. Certain services are only activated by the presence of a cookie and, if you choose to refuse cookies, particular features of this Site may not be available to you.

Find out how to disable/enable cookies by clicking on the "Manage Cookies" section of the Interactive Advertising Bureau UK Site on the following link http://www.allaboutcookies.org.

We may use Adobe Flash Player to display video or image content. It may not possible to block or restrict flash cookies using your browser settings. However information on how to control flash player privacy and security settings is available from the Adobe Site at: http://www.adobe.com/products/flashplayer/security.

Security Policy

How secure are my personal and credit card details?

We know that security is one of the main concerns when buying on the internet. So when researching hosts for the Weleda site ‘the best security available’ was top of the list of essentials. We are pleased to confirm that to our knowledge the security provided is the best available. The site is PCI DSS Compliant to Tier 1 – which ensures unbeatable security & protection of sensitive customer information including credit cards.

Why do I need to enter my email address?

We use your email address as a means of identification, as this is totally unique to you.

Why do I need a password?

When you create a password it allows you to access your account information.

Your password is unique to your email address and ensures that your account details remain secure. You can access your account information at any time to edit any of your account details.

Each time you return to this site, remember to sign in using your email and password.

Why do I need to log in again even though I have already?

If you have been through to Checkout and then gone back to shop, the website will ask you to log in again. This is to ensure security is maintained because credit card details are added at Checkout so that area needs to be kept safe.

The site is PCI DSS Tier 1 compliant. The Payment Card Industry Data Security Standard (PCI DSS) is a security standard which at Tier 1 Certification and compliance ensures unbeatable security & protection of sensitive customer information including credit cards.

PCI Overview

The Payment Card Industry Data Security Standard (PCI DSS) is a security standard which at Tier 1 Certification and compliance ensures unbeatable security and protection of sensitive customer information including credit cards.

The requirements for Tier 1 Certification include:

  • Security management policies;
  • Security policies;
  • Security procedures;
  • Network architecture;
  • Software design;
  • Critical Protective Measures.

Websites go through a rigorous INDEPENDENT audit and significant investment to attain Tier 1 PCI DSS certification. The purpose is to ensure that their customers' data is as safe as possible when they purchase products online.

Venda is the only global website provider to provide enterprise wide PCI DSS Tier 1 Certification. Visit www.venda.com for more information.

Verified by Visa Overview

Verified by Visa, also known as 3-D Secure, is an extra level of security developed by Visa and MasterCard to improve the security of payments and transactions offered to customers over the Internet. When you initiate a transaction using one of these card issuers you will be redirected to the website of your card-issuing bank to authorise the transaction. You will have to enter your password, or create one if you don’t already have one, which will then redirect you back to our site to complete your order. If you are creating a password, you can then use this password on any other site that uses 3-D Secure technology. Please note: this password is separate from the one you use to log in to our site.